<?php !defined('IN_ONEZ') && exit('Access Denied');

$title='绑定账号';
include(ONEZ_ROOT.'/source/header.php');?>
<link href="images/login.css" rel="stylesheet" type="text/css" />
<?php
if($_POST){
  $usr=GP('usr');
  $pwd=GP('pwd');
  $token=GP('token');
  !$usr && ero('用户名不能为空');
  !$pwd && ero('密码不能为空');
  C($usr);
  $uid=onez_call('chklogin');
  !$uid && ero('用户名或密码不正确');
  
  $token=getToken($uid);
  $rndkey=uniqid();
  $file=ONEZ_ROOT.'/cache/temps/'.$token;
  C($usr,'code');
  $A=array(
    'add',
    $homepage.'/index.php',
    SITENAME,
    $uid,
    $usr,
    $token,
    $rndkey,
  );
  mkdirs(dirname($file));
  writeover($file,serialize($A));
  echo'<div style="margin:60px;border:1px solid #999999;background:#eee;padding:20px;display:inline-block">';
  echo'<h3>请用您的手机端进行扫描。<a href="qraccount.apk">下载手机客户端</a></h3>';
  echo'<p style="margin:10px 0">';
  echo '<img src="?action=bind&token='.getToken($uid).'" />';
  echo'</p>';
  echo'<input id="button" style="vertical-align:bottom;"  name="btn" type="button" value=" 关闭窗口 " onclick="window.close()" />';
  echo'</div>';
  exit();
}
?>
<div class="login-form">
	<form action="<?php echo $PHP_SELF?>?action=bindusr" method="post">
	    <p class="title-16"><b>请登录您的网站账号</b></p>
	    <p>帐号：<input type="text" name="usr" value="" onclick="this.focus()" />
	    </p>
	    	    <p>密码：<input type="password" name="pwd" value="" /></p>
	    <input type="hidden" name="token" value="<?php echo $token?>" />
	    <table cellpadding="0" style="margin:8px 0;">
            <tr><td style="text-align:left;"><input id="loginsubmit" style="vertical-align:bottom;"  name="btn" type="submit" value="下一步" /></td>
            </tr>
        </table>
	</form>
</div>
<?php include(ONEZ_ROOT.'/source/footer.php');?>